Presented at
Black Hat Europe 2015,
Unknown date/time
(Unknown duration)
Continuous Integration (CI) tools provide an excellent attack surface due to the no/poor security controls, distributed build management capability, and level of access/privileges in an enterprise. This talk looks at the CI tools from an attacker's perspective and to use them as portals for getting a foothold and lateral movement. We will see how to execute attacks like command and script execution, credentials stealing, privilege escalation to not only compromise the build process but the underlying operating system and even entire Windows domains. No memory corruption bugs will be exploited and only the features of the CI tools will be used. Popular CI tools, open source as well as proprietary will be the targets. The talk will be full of live demonstrations.
Presenters:
-
Nikhil Mittal
Nikhil Mittal is a hacker, infosec researcher, speaker, and enthusiast. His areas of interest include penetration testing, attack research, defence strategies, and post exploitation research. He has over six years of experience in penetration testing for his clients which include many global corporate giants. He is also a member of red teams of selected clients. He specializes in assessing security risks at secure environments which require novel attack vectors and "out of the box" approaches. He has worked extensively on using Human Interface Device in Penetration Tests and PowerShell for post exploitation. He is the creator of Kautilya, a toolkit which makes it easy to use Teensy in penetration tests and Nishang, a post exploitation framework in PowerShell. In his spare time, Nikhil researches on new attack methodologies and updates his tools and frameworks. He has spoken at conferences like DEF CON, Black Hat USA, Black Hat Europe, RSA China, Troopers, DeepSec, PHDays, Black Hat Abu Dhabi, Hackfest, ClubHack, EuSecWest, and more. He blogs at http://www.labofapenetrationtester.com/
Links:
Similar Presentations: